<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<%@include file="../connection.jsp"%>

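<%
  // Admin-only handler for the user form rendered below.
  //   * user_id posted               -> create a user, or update one when "editcase" is present
  //   * edit_user_id in the request  -> load that user's row so the form can be pre-filled
  // Every request value is bound through a PreparedStatement parameter; none is
  // concatenated into SQL text.
  //
  // NOTE(review): the write path accepts any HTTP method and checks no anti-CSRF token here;
  // confirm whether a filter in front of this page covers that.
  // NOTE(review): the password is written to and read back from the users table exactly as
  // submitted. No hashing is visible in this file; whatever verifies logins would have to
  // change together with this page.

  String userid = (String)session.getAttribute("admin");

  if(userid==null)
  {
  	response.sendRedirect("../login.jsp");
  	// sendRedirect() only sets the response; it does not stop this scriptlet. Without the
  	// return, the database writes below would still run for a request with no admin session.
  	return;
  }

  Connection c = getAdminConnection();
  // Kept for the rest of the page: the dbinfo option list further down runs on this Statement.
  Statement s = c.createStatement();

  String newUserId = request.getParameter("user_id");

  String message="";

  if(newUserId!=null){

	  String password = request.getParameter("new_password");
	  String name = request.getParameter("name");
	  String email = request.getParameter("email");

	  String admin = request.getParameter("user_type");
	  String active = request.getParameter("active");
	  String doc_code = request.getParameter("doc_code");
	  String db_id = request.getParameter("db_id");

	  // active/admin go into numeric columns; parse them instead of trusting the request text.
	  int activeFlag = 0;
	  int adminFlag = 0;
	  boolean flagsValid = true;
	  try {
		  activeFlag = Integer.parseInt(active);
		  adminFlag = Integer.parseInt(admin);
	  } catch (NumberFormatException badFlag) {
		  flagsValid = false;
	  }

	  if(!flagsValid){
		  message="Invalid user type or status. Please try again.";

	  }else if(request.getParameter("editcase")!=null){
		  java.sql.PreparedStatement update = c.prepareStatement(
			  "update users set password=?, name=?, email=?, active=?, admin=?, doc_code=?, db_id=? where userid=?");
		  try {
			  update.setString(1, password);
			  update.setString(2, name);
			  update.setString(3, email);
			  update.setInt(4, activeFlag);
			  update.setInt(5, adminFlag);
			  update.setString(6, doc_code);
			  update.setString(7, db_id);
			  update.setString(8, newUserId);
			  update.executeUpdate();
		  } finally {
			  update.close();
		  }
		  message="User updated successfully.<br /><br />";

	  }else{
		  // Refuse to create a second account with the same user id or e-mail address.
		  boolean alreadyExists;
		  java.sql.PreparedStatement lookup = c.prepareStatement(
			  "select userid from users where userid=? or email=?");
		  try {
			  lookup.setString(1, newUserId);
			  lookup.setString(2, email);
			  ResultSet rs = lookup.executeQuery();
			  alreadyExists = rs.next();
			  rs.close();
		  } finally {
			  lookup.close();
		  }

		  if(alreadyExists){
			  message="User or the email adress you have entered may already exists. Please try again.";
		  }else{
			  java.sql.PreparedStatement insert = c.prepareStatement(
				  "insert into users (userid, password, name, email, active, admin, doc_code, db_id) values(?, ?, ?, ?, ?, ?, ?, ?)");
			  try {
				  insert.setString(1, newUserId);
				  insert.setString(2, password);
				  insert.setString(3, name);
				  insert.setString(4, email);
				  insert.setInt(5, activeFlag);
				  insert.setInt(6, adminFlag);
				  insert.setString(7, doc_code);
				  insert.setString(8, db_id);
				  insert.executeUpdate();
			  } finally {
				  insert.close();
			  }
			  message="User created successfully.<br /><br />";
		  }
	  }

}
String edit_user_id = request.getParameter("edit_user_id");

// Values used to pre-fill the form in edit mode; they stay empty when creating a user.
String password="";
String name="";
String email="";
String admin="";
String doc_code="";
String active="";
String db_id="";

String pageTitle="Create User";

if(edit_user_id!=null){
	java.sql.PreparedStatement load = c.prepareStatement("select * from users where userid=?");
	try {
		load.setString(1, edit_user_id);
		ResultSet rs = load.executeQuery();

		if(rs.next()){

			password=rs.getString("password");
			name = rs.getString("name");
			email = rs.getString("email");
			admin = rs.getString("admin");
			doc_code = rs.getString("doc_code");
			active = rs.getString("active");
			db_id = rs.getString("db_id");

		}
		rs.close();
	} finally {
		load.close();
	}
	pageTitle = "Edit User";
}
%>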

<html>
<head>
<link href="../css/medbill.css" rel="stylesheet" type="text/css" />
<title>PMS Home</title>
<script language="javascript">
/**
 * Pre-submit check for the user form: user id, password plus confirmation,
 * name and e-mail address, in that order. The first failing field is
 * reported with alert() and receives focus.
 *
 * This runs in the browser only and can be skipped by posting to the page
 * directly, so it is a usability aid rather than a server-side guarantee.
 * The e-mail pattern accepts a top-level domain of 2 to 4 letters only.
 *
 * @returns {boolean} true when the form may be submitted, false otherwise.
 */
function validateForm(){
	var userIdField = document.getElementById("user_id");
	if(userIdField.value.length == 0){
		alert("Enter user id.");
		userIdField.focus();
		return false;
	}

	var passwordField = document.getElementById("new_password");
	var confirmField = document.getElementById("confirm_password");

	// A password is mandatory, and the confirmation must repeat it exactly.
	if(passwordField.value.length == 0){
		alert("Enter password.");
		passwordField.focus();
		return false;
	}
	if(passwordField.value != confirmField.value){
		alert("Confirm password does not match.");
		confirmField.focus();
		return false;
	}

	var nameField = document.getElementById("name");
	if(nameField.value.length == 0){
		alert("Enter user name.");
		nameField.focus();
		return false;
	}

	var emailPattern = /^([A-Za-z0-9_\-\.])+\@([A-Za-z0-9_\-\.])+\.([A-Za-z]{2,4})$/;
	var emailField = document.getElementById("email");
	if(!emailPattern.test(emailField.value)){
		alert('Invalid Email Address');
		emailField.focus();
		return false;
	}

	return true;
}
</script>
</head>

<body>
<table width="860" height="100%" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr>
    <td height="204" valign="top"><%@include file="header.jsp"%></td>
  </tr>
  <tr>
    <td height="30" bgcolor="#1f226f" class="headingBlue">Medical Billing and Claim Processing Professionals</td>
  </tr>
  <tr>
    <td valign="top" bgcolor="#ccae74"><table width="96%" border="0" align="center" cellpadding="0" cellspacing="0">
      <tr>
        <td><table width="100%" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td width="470" valign="top" class="txtPageTitle"><%=pageTitle%></td>
            <td>&nbsp;</td>
          </tr>
        </table></td>
      </tr>
      <tr>
        <td><table width="100%" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td width="560"></td>
              </tr>
              <tr>
                <td class="txtHomeBody"></td>
              </tr>
            </table>
              <br>
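<%!
  // Escapes a value for HTML element text and for quoted attribute values.
  // A null value is rendered as an empty string.
  private static String cuEscapeHtml(String value) {
    if (value == null) {
      return "";
    }
    StringBuilder out = new StringBuilder(value.length() + 16);
    for (int i = 0; i < value.length(); i++) {
      char ch = value.charAt(i);
      switch (ch) {
        case '&':  out.append("&amp;");  break;
        case '<':  out.append("&lt;");   break;
        case '>':  out.append("&gt;");   break;
        case '"':  out.append("&quot;"); break;
        case '\'': out.append("&#39;");  break;
        default:   out.append(ch);
      }
    }
    return out.toString();
  }
%>
<%-- User form: posts back to create_user.jsp, which creates the account (or updates it when the
     edit-mode script at the bottom of the page switches the action to ?editcase=1).
     NOTE(review): the form carries no anti-CSRF token and none is checked by the handler at the
     top of this page; confirm whether a filter adds one. --%>
<form name="signup" onsubmit="return validateForm();" action="create_user.jsp" method="post">
  <div>
  <table border="0" width="364" style="border-collapse: collapse" bordercolor="#000000" height="239" cellspacing="1">

	<tr>
		<%-- message is one of the fixed strings set by the handler above and contains markup
		     (<br />), so it is written as-is; request data must never be appended to it. --%>
		<td colspan="2"><font color='red'><%=message%></font></td>
	</tr>

	<tr>
		<td width="143" align="left"><label for="user_id">User Id:</label></td>
		<td width="214" align="left">
    <input type="text" name="user_id" id="user_id" size="20" /></td>
	</tr>
	<tr>
		<td width="143" align="left"><label for="new_password">Password:</label></td>
		<td width="214" align="left">
    <%-- new-password keeps the browser from offering the administrator's own saved login here. --%>
    <input type="password" name="new_password" id="new_password" size="20" autocomplete="new-password" /></td>
	</tr>
	<tr>
		<td width="143" align="left"><label for="confirm_password">Confirm Password:</label></td>
		<td width="214" align="left">
    <input type="password" id="confirm_password" name="confirm_password" size="20" autocomplete="new-password" /></td>
	</tr>
	<tr>
		<td width="143" align="left"><label for="name">Name:</label></td>
		<td width="214" align="left"><input type="text" name="name" id="name" size="20" /></td>
	</tr>
	<tr>
		<td width="143" align="left"><label for="email">Email Address:</label></td>
		<td width="214" align="left"><input type="text" name="email" id="email" size="20" /></td>
	</tr>
	<tr>
		<td width="143" align="left"><label for="user_type">User Type:</label></td>
		<td width="214" align="left"><select size="1" name="user_type" id="user_type" style="width:150px;height:22">
			<option value="0">Standard User</option>
			<option value="1">Administrator</option>
		</select></td>
	</tr>
	<tr>
	  <td align="left"><label for="doc_code">Doc Code</label></td>
	  <td align="left"><input type="text" name="doc_code" id="doc_code" size="20" /></td>
	  </tr>
	<tr>
		<td width="143" align="left"><label for="active">Status:</label></td>
		<td width="214" align="left">
		<select size="1" name="active" id="active" style="width:119;height:22">
			<option value="1">Active</option>
			<option value="0">In-Active</option>
		</select></td>
	</tr>
	<tr>
		<td width="143" align="left"><label for="db_id">Database:</label></td>
		<td width="214" align="left">
		<select size="1" name="db_id" id="db_id" style="height:22">
		<option value="0">None</option>
		<%
		// One option per dbinfo row. Both columns are HTML-escaped on output so that a stored
		// value containing quotes or angle brackets cannot break out of the option markup.
		ResultSet rs2 = s.executeQuery("SELECT * FROM dbinfo");
		try {
			while(rs2.next()){
		%>
         <option value="<%=cuEscapeHtml(rs2.getString("id"))%>"><%=cuEscapeHtml(rs2.getString("name"))%></option>
         <%
			}
		} finally {
			rs2.close();
		}
		%>

</select></td>
	</tr>
	<tr>
		<td width="143">&nbsp;</td>
		<td width="214">&nbsp;</td>
	</tr>
	<tr>
		<td width="143">&nbsp;</td>
		<td width="214">
		<p align="left"><input name="submit_btn" id="submit_btn" type="submit" value="Create"/>
		<input type="button" value="Cancel" onclick="location='home.jsp';"/></p></td>
	</tr>
	</table>
  </div>
  <p>&nbsp;</p>
</form>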
<br />
<br />

			  </td>
            <td width="45" valign="top">&nbsp;</td>
            <td valign="top">&nbsp;</td>
          </tr>
        </table></td>
      </tr>
    </table></td>
  </tr>
  <tr>
    <td height="62" valign="top"><!-- #BeginLibraryItem "/Library/footer.lbi" --><table width="100%" border="0" cellspacing="0" cellpadding="0">
      <tr>
        <td height="4" bgcolor="#c7540f"></td>
      </tr>
      <tr>
        <td height="58" bgcolor="#1e2667">&nbsp;</td>
      </tr>
    </table><!-- #EndLibraryItem --></td>
  </tr>
</table>
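<%!
  // Encodes a value for use inside a double-quoted JavaScript string literal in an inline
  // <script> block. Everything except ASCII letters and digits becomes a \\uXXXX escape, so
  // quotes, backslashes, line breaks and "</script>" cannot terminate the literal or the element.
  // A null value is rendered as an empty string.
  private static String cuEscapeJs(String value) {
    if (value == null) {
      return "";
    }
    StringBuilder out = new StringBuilder(value.length() * 2);
    for (int i = 0; i < value.length(); i++) {
      char ch = value.charAt(i);
      boolean plain = (ch >= 'a' && ch <= 'z') || (ch >= 'A' && ch <= 'Z') || (ch >= '0' && ch <= '9');
      if (plain) {
        out.append(ch);
      } else {
        String hex = Integer.toHexString(ch);
        out.append("\\u");
        for (int pad = hex.length(); pad < 4; pad++) {
          out.append('0');
        }
        out.append(hex);
      }
    }
    return out.toString();
  }
%>
<script type="text/javascript">
<%
// Edit mode only: pre-fill the form from the loaded user row and switch it to "Modify".
// edit_user_id comes straight from the request and the other values from the users table,
// so each one is encoded for the JavaScript string context before it is written out.
if(edit_user_id!=null){
%>
document.signup.user_id.readOnly=true;
document.signup.user_id.value="<%=cuEscapeJs(edit_user_id)%>";
<%-- NOTE(review): the stored password is written into the page source here so the form can
     resubmit it unchanged; it is then readable in the response body and any cache of it.
     Dropping this needs a matching change in validateForm() and in the update statement. --%>
document.signup.new_password.value="<%=cuEscapeJs(password)%>";
document.signup.confirm_password.value="<%=cuEscapeJs(password)%>";
document.signup.name.value="<%=cuEscapeJs(name)%>";
document.signup.email.value="<%=cuEscapeJs(email)%>";
document.signup.user_type.value="<%=cuEscapeJs(admin)%>";
document.signup.doc_code.value="<%=cuEscapeJs(doc_code)%>";
document.signup.active.value="<%=cuEscapeJs(active)%>";
document.signup.db_id.value="<%=cuEscapeJs(db_id)%>";

document.signup.action="create_user.jsp?editcase=1";
document.signup.submit_btn.value="Modify";
<%
}
%>
</script>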
</body>
</html>
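<%
  // Release the JDBC resources opened at the top of the page in reverse order of creation:
  // the Statement first, then the Connection it was created from. The finally block makes
  // sure the connection is still closed when closing the statement throws.
  // NOTE(review): this only runs when the page renders to the end; an exception earlier in
  // the page skips it and leaves the connection open.
  try {
    s.close();
  } finally {
    c.close();
  }
%>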